Google revealed on Wednesday that 2.9 has spent millions of dollars on 2017 as part of the bug bounty program that rewards security researchers for finding vulnerabilities. Since the beginning of the program in November of 2010, Google has said it has paid nearly 12 million dollars to various security researchers.
2017, Google's 2017 bug bounty rewarded a total of 274 researchers and its largest 112.500 dollar amount of money, went to a security researcher to report a exploit chain that could be used to violate Pixel mobile devices.
Google and Android vulnerabilities managed to get $ 1,1 each for 2017, while the rest went to Chrome's vulnerabilities, according to the company's blog post.
Google has also highlighted two other major vulnerabilities that 2017 has discovered:
Researcher "gzobqq" managed to get $ 100.000 for a chain of five errors that allowed remote code execution in Chrome OS, and
Alex Birsan discovered that anyone could have accessed internal Google Issue Tracker data and managed to earn 15.600 dollars.